WordPress 2.8.5 was released yesterday, which includes a fix for a denial-of-service (DoS) attack and a number of changes that removed code that could potentially be used to hack into WordPress. The denial-of-service attack utilizes specially crafted trackbacks that cause WordPress to use a significant amount of processing power when they are processed which could lead WordPress becoming unresponsive. The code removal changes were originally developed for the upcoming version 2.9 and were backported to improve security as soon as possible.